Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Node Cookbook

You're reading from Node Cookbook Actionable solutions for the full spectrum of Node.js 8 development

Product type Paperback

Published in Jul 2017

Publisher Packt

ISBN-13 9781785880087

Length 656 pages

Edition 3rd Edition

Languages

JavaScript

Tools

Node.js

Concepts

Server Side Web Development

Authors (4):

David Mark Clements

Matteo Collina

Elger

Mathias Buus Madsen

View More author details

Table of Contents (20) Chapters

Title Page

Credits

Foreword

About the Authors

About the Reviewers

www.PacktPub.com

Customer Feedback

About nearForm

Preface

1. Debugging process* FREE CHAPTER

2. Writing Modules

3. Coordinating I/O

4. Using Streams

5. Wielding Web Protocols

6. Persisting to Databases

7. Working with Web Frameworks

8. Dealing with Security

9. Optimizing Performance

10. Building Microservice Systems

11. Deploying Node.js

Preventing Cross Site Request Forgery

The browser security model, where a session cookie is globally among all windows/tabs, allows for a request to be made with the privileges of the logged in user.

Where Cross Site Scripting (XSS) is making code delivered through one place (be it a malicious site, email, text message, downloaded file, and so on), execute on another site, Cross Site Request Forgery is the act of making a request from one place (again either a malicious site or otherwise) to another site that a user is logged into - that is where they have an open HTTP Session.

In short, XSS is running malicious code on another site and CSRF is making a request to another site that executes an action on a logged in users behalf.

In this recipe, we're going to secure a server against CSRF attacks.

Getting ready

We're going to create a simple server that manages "Employee Payment Profile" updates, and an adversarial server that uses CSRF to change where an employee's hypothetical salary is sent...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Authors (4)

David Mark Clements

David Mark Clements

David Mark Clements is a principal architect with nearForm, specializing in Node, frontend web, and JavaScript performance. He assists multinationals and start-ups alike with architecture planning, creating and leading development teams, innovation projects, internal evangelism, training, and deep dive consultancy on all aspects of live systems (architecture, performance, infrastructure, and deployment). David is also an avid open source enthusiast, and regularly speaks at various JavaScript and web conferences. Node.js became a core component of his toolset (since version 0.4) due to its versatility, vast ecosystem, and the cognitive ease that comes with full-stack JavaScript. Being primarily self-taught, David Mark Clements has a potent curiosity that typically drives him to approach problems with a unique perspective.

See other products by David Mark Clements

Matteo Collina

Matteo Collina

Matteo Collina is the co-founder and CTO of Platformatic who has the goal of removing all friction from backend development. He is also a prolific open source author in the JavaScript ecosystem, and the modules he maintains are downloaded more than 17 billion times a year. Previously, he was the chief software architect at NearForm, the best professional services company in the JavaScript ecosystem. In 2014, he defended his Ph.D. thesis titled Application Platforms for the Internet of Things. Matteo is a member of the Node.js Technical Steering Committee, focusing on streams, diagnostics, and HTTP. He is also the author of the fast logger, Pino, and the Fastify web framework. Matteo is a renowned international speaker after more than 60 conferences, including OpenJS World, Node.js Interactive, NodeConf.eu, NodeSummit, JSConf.Asia, WebRebels, and JsDay, to name just a few. Since August 2023, he also serves as a community director on the OpenJS Foundation. In the summer, he loves sailing the Sirocco.

See other products by Matteo Collina

Elger

Elger

Peter Elger is the CTO at nearForm, a consultancy specializing in enterprise digital transformation using the Node.js platform.Formerly a physicist working on the JET nuclear fusion research project, Peter has worked across several industry verticals, including disaster recovery, telecommunications, and social media. Peter has been the cofounder and CTO of two companies prior to nearForm, and he holds degrees in theoretical physics and computer science. Based in Ireland, Peter spends his time consulting for clients, working on open source software, writing, and conference speaking.

See other products by Elger

Mathias Buus Madsen

Mathias Buus Madsen

Mathias Buus (@mafintosh) is a self-taught JavaScript hacker from Copenhagen. He works full-time on open source projects and has been working with Node.js since its 0.2 days. Mathias likes to work with P2P and distributed systems, and he is the author of more than 550 modules on npm, including some of the most popular ones for working with streams. In addition, he has spoken about mad science projects at various conferences around the world.

See other products by Mathias Buus Madsen

Other recommended products

Related to this chapter

The fourth edition of Node Cookbook covers the latest features and libraries of Node.js 14. With this recipe-based guide, you'll learn how to handle files, build simple web applications, and build your own modules using Node.js. You'll also be able to diagnose problems in your apps, handle security concerns, and deploy your apps to the cloud.

Nov 2020 17h 4m

Server Side development with Node.js and Koa.js Quick Start Guide

Server Side development with Node.js and Koa.js Quick Start Guide

Every developer wants to build modular and scalable web applications. Modern versions of the JavaScript language have made this possible in Node.js, and Koa is a Node.js framework that makes it easy. This book is the ideal introduction for JavaScript developers who want to create scalable serverside applications using Node.js and Koa.js.

Nov 2018 4h 24m

RESTful Web API Design with Node.js 10

RESTful Web API Design with Node.js 10

RESTful services have become the standard data feed providers for social services, news feeds, and mobiles. If you want to build fast REST APIs and want to deliver a large amount of data to millions of users, you'll find this book extremely useful. This book will teach you to create scalable RESTful applications based on the Node.js platform.

Apr 2018 5h 56m

Mastering Node.js

Mastering Node.js

Node.js with its strong features and ability to write server as well as client side code with JavaScript has become a popular choice amongst developers for building powerful web applications. This book is a deep dive into showing facets of Node which are helpful for creating highly concurrent and scalable real time applications.

Dec 2017 16h 36m

Web Development with MongoDB and Node

Web Development with MongoDB and Node

Node.js builds fast, scalable network applications while MongoDB is the perfect fit as a high-performance, open source NoSQL database solution. The combination of these two technologies offers high performance and scalability to build fast, scalable network applications. Together they provide the power to manage any form of data, as well as speed of delivery. This book will help you to get these two technologies working together to build web applications quickly and easily, with effortless deployment to the cloud. You will also learn about angular 4, which consumes pure JSON APIs from a hapi server.

Sep 2017 11h 0m

Node.js Web Development

Node.js Web Development

Node.js is a server-side JavaScript platform using an event-driven, non-blocking I/O model allowing users to build fast and scalable data-intensive applications running in real time. JavaScript is no longer just for browsers and this exciting introduction to Node.js will show you how to build data-intensive applications that run in real time. By the end of the book, you will develop a striking and robust web application using the latest features that Node.js has to offer.

May 2018 16h 24m

Node.js Design Patterns

Node.js Design Patterns

In this book, we will show you how to implement a series of best practices and design patterns to help you create efficient and robust Node.js applications with ease. We start by teaching you how to master the basics of Node.js development, such as its module systems and its event-driven asynchronous programming style. Next, you will learn how creational, structural, and behavioral design patterns can help you create modular and extensible software. Finally, we'll show you how Node.js applications can be distributed and scaled to create complex software architectures.

Jul 2020 22h 8m

Personalised recommendations for you

Based on your interests and search pattern

ASP.NET Core 9 Web API Cookbook

ASP.NET Core 9 Web API Cookbook

Get ready for the future of web API development by working through practical recipes covering REST, GraphQL, SignalR, and gRPC. This book is ideal for .NET developers eager to learn best practices in API security, data access optimization, and more.

Apr 2025 11h 28m

Spring System Design in Practice

Spring System Design in Practice

This book guides you through the intricacies of building robust software architectures with Spring. You'll get hands-on with the tools and best practices needed to design scalable, secure, and high-performance applications.

May 2025 15h 4m

Learn React Hooks

Learn React Hooks

This ultimate guide to Hooks shows you how to manage state, handle form submissions, fetch data using Suspense, and build reusable custom Hooks. This edition includes the latest Hooks and introduces modern React 19 features with real-world use cases.

May 2025 12h 24m